Terms of Service

1. Agreement to Terms

Opscion AI ("we," "us," or "our") provides the MillOS factory management system and AI Document Parsing tools on a software-as-a-service basis. These Terms constitute a legally binding agreement between Opscion AI and the Customer. For enterprise customers, these Terms may be supplemented by a separately executed Order Form or Enterprise Agreement; in the event of conflict, the Enterprise Agreement shall prevail with respect to its subject matter.

1.2 License Grant

Subject to Customer's compliance with these Terms and timely payment of all applicable fees, Opscion AI grants Customer a limited, non-exclusive, non-transferable, non-sublicensable right to access and use the MillOS Platform and associated documentation solely for Customer's internal business operations during the Subscription Term. No other rights are granted by implication, estoppel, or otherwise. All rights not expressly granted herein are reserved by Opscion AI.

2. Service Provision, SLA, BC/DR & Warranty Disclaimer

2.1 Service Level Commitment

Opscion AI commits to a monthly Platform Availability of 99.9% for Enterprise subscription tiers, measured as: ((Total Minutes in Month − Downtime Minutes) / Total Minutes in Month) × 100. "Downtime" means periods of complete Platform unavailability, excluding: (i) scheduled maintenance windows communicated no fewer than 48 hours in advance and subject to the constraints below; (ii) Customer-caused outages or misconfigurations; (iii) Force Majeure events under §10 as narrowly defined therein; and (iv) failures in Customer's own network or hardware infrastructure.

Scheduled Maintenance Constraints: Opscion AI shall limit scheduled maintenance to: (a) a maximum of 4 hours per maintenance window; (b) no more than one (1) maintenance window per calendar month; and (c) windows scheduled during off-peak hours (Saturday or Sunday, 00:00–06:00 IST or equivalent low-usage window notified in advance). Emergency maintenance required to prevent active security breaches is excluded from these constraints but shall be communicated within 2 hours of commencement.

Where monthly availability falls below 99.9%, Customer shall be entitled to a service credit equal to 10% of the monthly fee for each full percentage point below 99.9%, up to a maximum of 30% of the applicable monthly fee. Credits must be claimed in writing within 30 days of the affected month and shall be applied to the next invoice. For downtime below the 8-consecutive-hour threshold, service credits are Customer's sole and exclusive remedy for availability failures. Where a single downtime event exceeds 8 consecutive hours, service credits and the §6 consequential damages carve-out are mutually exclusive alternative remedies; Customer shall elect one remedy in writing within 30 days.

2.2 Test Certificate Compliance Disclaimer

IMPORTANT: While MillOS automatically parses chemical, hardness, and mechanical load values to generate EN 10204-compliant test certificates, the final authorization and sign-off of any Test Certificate remains the exclusive liability of your designated Quality Assurance personnel. Opscion AI assumes no liability for downstream metallurgical properties, physical performance, or regulatory non-compliance of your fastener products under any applicable standards body (including BIS, ASTM, EN, ISO, DIN, IATF, or SAE). The Platform is not a substitute for independent verification by a qualified metallurgical engineer, and no AI-generated output from this Platform should be submitted to any regulatory authority, notified body, or used in a safety-critical application without such independent human verification.

2.3 AS-IS Warranty Disclaimer

2.4 Business Continuity, Disaster Recovery & Security Audits

Opscion AI maintains a documented Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP), tested no less than annually. Opscion AI commits to: (i) a Recovery Time Objective (RTO) of no more than 8 hours for platform restoration following a declared disaster event; (ii) a Recovery Point Objective (RPO) of no more than 4 hours, supported by daily encrypted backups retained for a minimum of 30 rolling days; (iii) making a summary of its most recent BCP/DRP test results available to Enterprise subscribers upon written request under mutual NDA; and (iv) upon Customer's written request (no more than once per 12-month period), providing the most recent third-party security audit report (SOC 2 Type II, ISO 27001, or equivalent) under mutual NDA, or, where no such audit report yet exists, permitting Customer to commission a security assessment at Customer's cost upon 30 days' advance written notice.

2.5 EU AI Act Compliance

Opscion AI acknowledges that, to the extent the MillOS AI Document Parsing Engine may constitute a "high-risk AI system" within the meaning of Regulation (EU) 2024/1689 (EU AI Act), Opscion AI shall: (a) maintain technical documentation in accordance with Article 11 and Annex IV; (b) implement logging capabilities sufficient to satisfy Article 12 traceability requirements; (c) provide Customer with transparency information sufficient to discharge Customer's own obligations under Article 13; (d) design the system to enable human oversight consistent with Article 14, as implemented in §2.2 of these Terms; and (e) undertake and maintain conformity assessments as required under Article 43. Opscion AI shall notify Customer within 30 days of any final regulatory determination materially affecting its EU AI Act compliance posture. This clause applies to EU-domiciled customers and takes effect from the date of full EU AI Act applicability to the relevant system category.

3. Intellectual Property & Data Ownership

The software architecture, parsing algorithms, AI models, and UI design of MillOS are the exclusive intellectual property of Opscion AI. Customer retains full ownership of all business data, Purchase Orders, and Lab Reports uploaded into the Platform.

AI-Generated Outputs: Test Certificates, parsed document values, and structured data outputs generated by the Platform from Customer's uploaded source documents are the property of the Customer. Opscion AI claims no ownership over AI-generated outputs produced from Customer's data.

Derived Analytics: Opscion AI shall not use Customer's identifiable Industrial Data to train public AI/ML models or benchmark against other customers without Customer's explicit prior written consent. Opscion AI may use anonymized, aggregated, de-identified platform usage data — processed in accordance with NIST Special Publication 800-188 or ISO/IEC 20889:2018, such that the probability of re-identification of any individual Customer or Customer's proprietary processes is negligible — solely to improve platform performance and reliability.

Staff Access Restriction: Opscion AI personnel shall not access, view, or process Customer's Industrial Data except: (i) as strictly necessary to provide technical support expressly requested by Customer; (ii) to investigate active security incidents impacting Customer's tenant; or (iii) as required by applicable law with prompt written notice to Customer where legally permissible. All such access shall be logged and made available to Customer upon written request within 5 business days.

3A. Confidentiality

Each party ("Receiving Party") agrees to keep confidential all non-public, proprietary information disclosed by the other party ("Disclosing Party") that is marked as confidential or that a reasonable person would understand to be confidential given its nature ("Confidential Information"). Industrial Data, PO records, lab reports, fastener specifications, chemical compositions, and customer pricing data uploaded to the Platform are deemed Confidential Information of the Customer per se, regardless of marking.

The Receiving Party shall: (i) use Confidential Information solely to perform its obligations under these Terms; (ii) limit access to those with a bona fide need-to-know who are bound by obligations no less restrictive than this Section; and (iii) protect Confidential Information with the same degree of care used to protect its own confidential information of similar sensitivity, but in no event less than reasonable care. These obligations do not apply to information that: (a) is or becomes publicly available through no fault of the Receiving Party; (b) was rightfully known prior to disclosure; (c) is independently developed without reference to Confidential Information; or (d) must be disclosed by law or court order, with prompt prior written notice and cooperation in seeking a protective order. Confidentiality obligations survive termination for five (5) years.

4. Payment Terms & Cancellation

SaaS subscriptions are billed annually or monthly per your enterprise agreement. Standard payment terms are Net 30 days from the invoice date. Opscion AI reserves the right to suspend account access for invoices past due by more than 15 days, with written notice provided no fewer than 5 business days prior to suspension.

Customers are solely responsible for all applicable taxes, including GST or other local duties in their operating jurisdiction. You may cancel with 30 days' written notice. Upon cancellation or termination for any reason: (i) a full database export (CSV/PDF) will be delivered within 14 business days; and (ii) Opscion AI shall permanently delete — or render permanently inaccessible via cryptographic erasure (destruction of all applicable encryption keys in accordance with NIST SP 800-88 Guidelines for Media Sanitization) — all copies of Customer data, including Industrial Data, Personal Data, and any derivatives thereof, from its own production systems, backups, and disaster recovery infrastructure within sixty (60) calendar days of termination, with written confirmation of deletion or cryptographic erasure provided to the account administrator upon request.

4A. Customer Right to Terminate for Cause

Customer may terminate this Agreement by written notice to legal@opscion.ai if: (a) Opscion AI commits a material breach and fails to cure within thirty (30) days after written notice specifying the breach; (b) Opscion AI becomes insolvent, makes a general assignment for the benefit of creditors, or becomes subject to insolvency proceedings not dismissed within 60 days; or (c) Opscion AI suffers a security incident that has been determined by Opscion AI's internal security team or an independent third-party forensic investigator — such determination to be communicated to Customer within ten (10) business days of incident detection — to have materially compromised the integrity or confidentiality of Customer's Industrial Data.

Upon valid termination under this Section, Customer shall be entitled to: (i) a pro-rata refund of all pre-paid, unused subscription fees; and (ii) an expedited database export within 5 business days.

5. Acceptable Use Policy

Access to the Platform is restricted to Customer's internal business operations. Customer explicitly agrees not to: (a) reverse-engineer, decompile, or disassemble the AI parsing engine or any underlying platform technology; (b) scrape the Platform for data or source code by automated or manual means; (c) use the Service to build, train, or inform a competing product or service without Opscion AI's prior written consent; or (d) use AI-generated outputs from the Platform to directly control physical industrial processes, production equipment, or regulatory submission without prior independent human verification by a qualified QA professional as required under §2.2.

For non-egregious violations, Opscion AI will provide written notice specifying the violation, and Customer shall have fifteen (15) days to cure. For egregious violations — including active competitive intelligence gathering, malicious scraping, or unauthorized system access attempts — Opscion AI will provide three (3) business days' written notice before exercising its right to terminate, unless the egregious conduct poses an active and ongoing security threat to the Platform or other customers, in which case immediate suspension (not termination) of access may be implemented pending resolution. Opscion AI's termination determination shall be documented in writing and made in good faith.

6. Limitation of Liability

In no event shall Opscion AI's total aggregate liability for any claim — including those arising from software downtime, API outages, or parsing errors — exceed the total amount paid by the Customer in the twelve (12) months preceding the claim. Neither party shall be liable for incidental, indirect, special, or consequential damages, including lost revenue or downstream shipment delay penalties, even if advised of the possibility of such damages.

Carve-out to Consequential Damages Exclusion: Notwithstanding the foregoing, the exclusion of consequential damages shall not apply to: (a) losses arising from Opscion AI's gross negligence or wilful misconduct; (b) Opscion AI's material breach of its data security obligations; or (c) documented, third-party-imposed supply chain delay penalties directly and exclusively caused by Platform downtime exceeding eight (8) consecutive hours in any calendar month, subject always to the aggregate liability cap in this §6.

Mandatory Carve-outs (cap does not apply to): (i) either party's fraud or wilful misconduct; (ii) death or personal injury caused by a party's proven negligence; (iii) Customer's payment obligations under §4; (iv) either party's breach of confidentiality obligations under §3A.

Enhanced Cap — IP Indemnification & Regulatory Fines: Opscion AI's liability under its IP indemnification obligation (§8.1) and its regulatory fine indemnification obligation (§8.3) shall each be capped at two times (2×) the total fees paid by Customer in the twelve (12) months preceding the relevant claim. These enhanced caps are separate and do not aggregate.

6A. Insurance

During the Term and for two (2) years thereafter, Opscion AI shall maintain, at its own expense, the following minimum insurance coverages from reputable, licensed insurers:

• Cyber Liability / Data Breach Insurance — minimum USD $2,000,000 per occurrence and USD $5,000,000 in the annual aggregate.
• Errors & Omissions / Professional Indemnity Insurance — minimum USD $1,000,000 per occurrence.
• Commercial General Liability Insurance — minimum USD $1,000,000 per occurrence.

Opscion AI shall provide Certificates of Insurance to Customer within ten (10) business days of written request. Such policies shall not be materially reduced or cancelled without thirty (30) days' prior written notice to Customer.

7. Dispute Resolution & Governing Law

7.1 All Customers — Informal Resolution First

Before initiating formal proceedings, the parties shall attempt good-faith senior management resolution for thirty (30) days following written notice of the dispute.

7.2 Customers Domiciled in India

These Terms shall be governed by the laws of India. Disputes unresolved informally shall be referred to binding arbitration under the Arbitration and Conciliation Act, 1996, with a sole arbitrator agreed by the parties (or appointed per ICA rules), conducted in English, seated in Ahmedabad, Gujarat.

7.3 Customers Domiciled in the EU / UK

For all commercial disputes, Indian law and Ahmedabad arbitration apply as in §7.2. For disputes arising exclusively from personal data processing obligations, the laws of England and Wales govern, and the parties submit to the non-exclusive jurisdiction of the courts of England and Wales, or the applicable EEA/UK supervisory authority for regulatory matters.

7.4 Customers Domiciled in the United States

For US-domiciled customers, these Terms shall be governed by the laws of the State of New York (without regard to conflict-of-laws principles), with disputes resolved under JAMS International Arbitration Rules, seated in New York, NY, conducted in English. Either party may seek emergency injunctive relief from a court of competent jurisdiction without waiving arbitration rights.

All Jurisdictions: Emergency injunctive relief may be sought from any court of competent jurisdiction pending the outcome of arbitration.

8. Mutual Indemnification

8.1 By Opscion AI. Opscion AI shall defend, indemnify, and hold harmless Customer from and against any third-party claim alleging that the MillOS platform, as provided and used in accordance with these Terms, infringes any third-party intellectual property right. Opscion AI's obligations shall not apply if the claim arises from: (a) Customer's modification of the Platform; (b) combination with non-Opscion AI software; or (c) use outside the scope of these Terms. IP indemnification liability is subject to the 2× enhanced cap in §6.

8.2 By Customer. Customer shall defend, indemnify, and hold harmless Opscion AI from and against any third-party claim arising from: (a) Customer's breach of these Terms; (b) Customer's violation of applicable law; or (c) Industrial Data uploaded to the Platform that infringes third-party rights.

8.3 Regulatory Fines. Where a regulatory fine (including under the DPDP Act, GDPR, or equivalent law) is levied against Customer and is primarily attributable to Opscion AI's material breach of its data processing obligations under these Terms or the DPA — as established by: (i) a final and unappealable regulatory decision; or (ii) a binding arbitral award under §7 — Opscion AI shall indemnify Customer for the proportionate share of such fine directly attributable to Opscion AI's breach, subject to the separate 2× enhanced cap in §6. Where a fine reflects both Opscion AI's processor breach and Customer's controller decisions, indemnification shall be limited to the portion of the fine attributable to Opscion AI's breach as determined by the applicable authority or arbitral tribunal.

8.4 Indemnification Procedure. The indemnified party shall: (i) promptly notify the indemnifying party in writing upon becoming aware of the claim; (ii) grant the indemnifying party sole control of the defense and settlement, provided no settlement imposes uncompensated liability on or admission by the indemnified party; and (iii) provide reasonable cooperation at the indemnifying party's expense. Failure to provide prompt notice limits indemnification obligations only to the extent the indemnifying party is materially prejudiced by the delay.

9. Anti-Corruption & Export Controls

Each party represents it has not and shall not make any payment or transfer of value to any government official or political party in violation of the Indian Prevention of Corruption Act, 1988, the U.S. Foreign Corrupt Practices Act (FCPA), or the UK Bribery Act 2010.

Each party represents and warrants that it is not on, and shall not engage in any transaction with any person or entity appearing on: the OFAC Specially Designated Nationals and Blocked Persons List; the UN Security Council Consolidated Sanctions List; or any equivalent sanctions list maintained by the Government of India, the European Union, or the United Kingdom. Customer shall ensure the Platform is not used in connection with any sanctioned country, territory, or ultimately beneficial owner without the required governmental authorization.

Customer acknowledges the Platform and related technical data may be subject to Indian and international export control regimes, including SCOMET, EAR, and ITAR classifications. Customer is solely responsible for ensuring its use of the Platform complies with all applicable export and import laws in its operating jurisdictions.

10. Force Majeure

Neither party shall be liable for delays or failures in performance caused by circumstances genuinely beyond its reasonable control, including: acts of God, government-imposed shutdowns directly impeding service delivery, power grid failures simultaneously affecting primary and backup infrastructure, or pandemic-related disruptions mandated by governmental authority.

For the avoidance of doubt: cyberattacks on Opscion AI's own infrastructure, cyberattacks on Opscion AI's ERP integration partners or cloud sub-processors, supply chain disruptions, or software vulnerabilities do not constitute Force Majeure events. Opscion AI is solely responsible for maintaining appropriate business continuity controls, incident response capabilities, and disaster recovery mechanisms to mitigate such foreseeable risks.

The affected party shall notify the other in writing within 48 hours of a qualifying Force Majeure event and use commercially reasonable efforts to resume performance. If a Force Majeure event continues for more than thirty (30) consecutive days, either party may terminate this Agreement upon fifteen (15) days' written notice. Upon such termination, Customer shall be entitled to a pro-rata refund of all prepaid, unused subscription fees, and Opscion AI shall provide an expedited database export within 5 business days.

11. Amendments & Modifications

"Material changes" include, without limitation: modifications to data processing scope, liability caps, IP ownership rights, payment terms, termination rights, indemnification obligations, or the SLA credit mechanism.

Opscion AI will provide no fewer than thirty (30) days' advance email notice to the registered account administrator before any material change takes effect. Non-material changes (typographical corrections, formatting updates, or clarifications that do not alter the legal substance of any provision) take effect 7 days after posting on our website, with notice to the registered account administrator.

If Customer objects to any material change, Customer may terminate the Agreement by written notice within 30 days of receiving change notification, and shall be entitled to a pro-rata refund of any pre-paid, unused subscription fees. Continued use after a change's effective date constitutes acceptance of the revised Terms.

12. General Provisions

Severability. If any provision is found invalid, it shall be modified to the minimum extent to make it enforceable; remaining provisions continue in full force.

Entire Agreement. These Terms, together with the Privacy Policy and any executed Order Form or Enterprise Agreement, constitute the entire agreement between the parties and supersede all prior negotiations on the subject matter hereof.

Waiver. No failure to exercise any right constitutes a waiver of that right. A waiver of one breach is not a waiver of subsequent breaches.

Assignment. Customer may not assign these Terms without Opscion AI's prior written consent. Opscion AI may assign this Agreement in connection with a merger, acquisition, or sale of substantially all of its assets, provided: (i) the assignee agrees in writing to be bound by these Terms; (ii) for purposes of this clause, a "direct competitor" means an entity that, at the time of assignment, derives more than 20% of its annual revenue from the provision of AI-powered document processing, quality management, or factory ERP software principally marketed to fastener or metallurgical manufacturers — if the Customer disputes a competitor determination, either party may refer the question to an independent expert appointed under the rules of the Indian Institute of Arbitrators within 15 days; and (iii) Opscion AI provides Customer sixty (60) days' advance written notice of any such assignment. Customer shall have the right to terminate this Agreement without penalty within thirty (30) days of receiving such notice, with a pro-rata refund of all prepaid, unused subscription fees.

13. Data Processing Addendum (GDPR / UK GDPR)

Where Customer is subject to the EU General Data Protection Regulation (2016/679) ("GDPR"), the UK General Data Protection Regulation (as retained in UK law by the European Union (Withdrawal) Act 2018), or any substantially equivalent data protection legislation, the Data Processing Addendum ("DPA") available at legal@opscion.ai (and incorporated herein by reference upon request) is automatically incorporated into and forms part of these Terms, effective as of the Subscription Start Date. No separate execution or written request is required to activate the DPA. In the event of any conflict between these Terms and the DPA, the DPA shall prevail with respect to the subject matter of personal data protection.

EU Standard Contractual Clauses (Commission Implementing Decision (EU) 2021/914, Module 2 — Controller to Processor) and the UK International Data Transfer Agreement (IDTA) are pre-incorporated as schedules to the DPA and are operative from the Subscription Start Date for all relevant transfers. A DPA template for Customer review is available upon written request to legal@opscion.ai within two (2) business days.

13A. California Privacy (CCPA/CPRA)

To the extent Opscion AI processes Personal Information (as defined under California Civil Code §1798.140) of California residents on Customer's behalf, the parties agree that:

• Opscion AI is a "Service Provider" as defined under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA, effective January 1, 2023);
• Opscion AI shall not: (i) sell or share Personal Information; (ii) retain, use, or disclose Personal Information for any purpose other than the business purposes specified in these Terms and the applicable DPA; or (iii) combine Personal Information received from Customer with Personal Information received from or collected in connection with other sources, except as permitted by CPRA;
• Opscion AI certifies that it understands and will comply with these restrictions; and
• Opscion AI shall assist Customer in fulfilling verifiable consumer requests — including rights to know, correct, delete, and limit use of sensitive personal information — within the timelines required by CPRA (generally 45 days from receipt of a verified request).

For the avoidance of doubt, "Personal Information" under this Section refers to California consumer and employee data processed through the Platform (e.g., authorized user names and work email addresses), not to Customer's Industrial Data.